203a22d633a47baf5324eff35c9467b58599ae01ccf334c866f6cf1e1c2998c5

Sharing

Copy URL Twitter E-mail

General

Target

203a22d633a47baf5324eff35c9467b58599ae01ccf334c866f6cf1e1c2998c5
Size

88KB
MD5

c5351317bfdaba588ede5f7cfaa38338
SHA1

0bd184d3f48f6cd41df1c8454d3de70089596302
SHA256

203a22d633a47baf5324eff35c9467b58599ae01ccf334c866f6cf1e1c2998c5
SHA512

02b618c9e75fb43a4d529a9d4e559d8ae48ff820dedddca4b55cf8c2bbc3b912d5265004b4271d2b3e6e9b32a27b349b4d8c79b339dc46813f28771a451fe2e5
SSDEEP

1536:TDfAKG+P61Rf3+D9kHCe/s1FwqYTF7KUQIlW6IAlHkL:TDneRf3+D9iwbwZQoW6IAlHkL

Score

N/A

Malware Config

Signatures

Files

203a22d633a47baf5324eff35c9467b58599ae01ccf334c866f6cf1e1c2998c5
.exe windows x86

5f892e443e093c697748b04e97580e3e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FileTimeToSystemTime
CreateFileW
MoveFileW
GetFileAttributesExW
DebugBreak
OutputDebugStringW
FormatMessageW
GetCurrentThreadId
GetLocalTime
SetFilePointer
WriteFile
GetFileSize
GetSystemTime
InitializeCriticalSection
HeapDestroy
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
FlushInstructionCache
GetCurrentProcess
GetModuleFileNameW
FileTimeToLocalFileTime
GetProcAddress
ReadFile
WideCharToMultiByte
GetOEMCP
GetACP
CloseHandle
FlushFileBuffers
SetStdHandle
LoadLibraryA
IsBadCodePtr
IsBadReadPtr
GetStringTypeW
GetStringTypeA
GetCPInfo
GetStartupInfoA
GetFileType
GetStdHandle
SetHandleCount
DeleteFileW
GetFileAttributesW
CreateDirectoryW
InterlockedIncrement
GetLastError
InterlockedDecrement
lstrlenA
MultiByteToWideChar
GetCommandLineA
GetCommandLineW
GetEnvironmentStrings
GetEnvironmentStringsW
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
TerminateProcess
IsBadWritePtr
HeapReAlloc
VirtualAlloc
VirtualFree
lstrlenW
HeapCreate
GetVersionExA
GetEnvironmentVariableA
GetModuleFileNameA
RaiseException
RtlUnwind
HeapFree
GetModuleHandleA
GetStartupInfoW
GetVersion
ExitProcess
HeapAlloc
LCMapStringA
LCMapStringW
SetUnhandledExceptionFilter
TlsSetValue
TlsAlloc
SetLastError
TlsGetValue

user32

CharNextW
DialogBoxParamW
GetActiveWindow
DefWindowProcW
wvsprintfW
GetDlgItemTextW
EndDialog
GetWindowLongW
GetParent
GetWindow
GetWindowRect
SystemParametersInfoW
GetClientRect
MapWindowPoints
SetWindowPos
GetSystemMetrics
LoadImageW
SendMessageW
SetDlgItemTextW
SetWindowLongW
DestroyWindow

advapi32

RegQueryValueExW
CryptDestroyHash
RegOpenKeyW
RegCloseKey
CryptEncrypt
CryptDecrypt
CryptAcquireContextW
CryptCreateHash
CryptHashData
CryptDeriveKey
CryptDestroyKey
CryptReleaseContext

shell32

SHGetFolderPathW

ole32

CoInitialize
CoCreateInstance
CoUninitialize

oleaut32

SysFreeString
VariantClear
SysAllocString
SysAllocStringLen

comctl32

InitCommonControlsEx

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW

Sections

.text
Size: 48KB - Virtual size: 46KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5f892e443e093c697748b04e97580e3e

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

ole32

oleaut32

comctl32

version

Sections

.text Size: 48KB - Virtual size: 46KB

.rdata Size: 8KB - Virtual size: 5KB

.data Size: 16KB - Virtual size: 20KB

.rsrc Size: 12KB - Virtual size: 9KB

.text
Size: 48KB - Virtual size: 46KB

.rdata
Size: 8KB - Virtual size: 5KB

.data
Size: 16KB - Virtual size: 20KB

.rsrc
Size: 12KB - Virtual size: 9KB